npm - mastercontroller - Versions diffs - 1.2.13 → 1.3.0 - Mend

mastercontroller 1.2.13 → 1.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (38) hide show

package/.claude/settings.local.json +12 -0
package/MasterAction.js +7 -7
package/MasterControl.js +192 -122
package/MasterCors.js +29 -0
package/MasterHtml.js +5 -5
package/MasterPipeline.js +344 -0
package/MasterRouter.js +59 -29
package/MasterSession.js +19 -0
package/MasterTemplate.js +3 -3
package/MasterTimeout.js +332 -0
package/README.md +1496 -36
package/docs/timeout-and-error-handling.md +712 -0
package/{MasterError.js → error/MasterError.js} +2 -2
package/{MasterErrorLogger.js → error/MasterErrorLogger.js} +1 -1
package/{MasterErrorMiddleware.js → error/MasterErrorMiddleware.js} +2 -2
package/error/MasterErrorRenderer.js +529 -0
package/{ssr → error}/SSRErrorHandler.js +2 -2
package/{MasterCache.js → monitoring/MasterCache.js} +2 -2
package/{MasterMemoryMonitor.js → monitoring/MasterMemoryMonitor.js} +2 -2
package/{MasterProfiler.js → monitoring/MasterProfiler.js} +2 -2
package/{ssr → monitoring}/PerformanceMonitor.js +2 -2
package/package.json +5 -5
package/{EventHandlerValidator.js → security/EventHandlerValidator.js} +3 -3
package/{MasterSanitizer.js → security/MasterSanitizer.js} +2 -2
package/{MasterValidator.js → security/MasterValidator.js} +2 -2
package/{SecurityMiddleware.js → security/SecurityMiddleware.js} +75 -3
package/{SessionSecurity.js → security/SessionSecurity.js} +2 -2
package/ssr/hydration-client.js +3 -3
package/ssr/runtime-ssr.cjs +9 -9
package/MasterBenchmark.js +0 -89
package/MasterBuildOptimizer.js +0 -376
package/MasterBundleAnalyzer.js +0 -108
package/ssr/HTMLUtils.js +0 -15
/package/{ssr → error}/ErrorBoundary.js +0 -0
/package/{ssr → error}/HydrationMismatch.js +0 -0
/package/{MasterBackendErrorHandler.js → error/MasterBackendErrorHandler.js} +0 -0
/package/{MasterErrorHandler.js → error/MasterErrorHandler.js} +0 -0
/package/{CSPConfig.js → security/CSPConfig.js} +0 -0

package/.claude/settings.local.json ADDED Viewed

@@ -0,0 +1,12 @@
+{
+  "permissions": {
+    "allow": [
+      "Bash(rm:*)",
+      "Bash(mv:*)",
+      "Bash(node -e:*)",
+      "Bash(find:*)"
+    ],
+    "deny": [],
+    "ask": []
+  }
+}

package/MasterAction.js CHANGED Viewed

@@ -1,5 +1,5 @@
-// version 0.0.22
+// version 0.0.23
 var master = require('./MasterControl');
 var fileserver = require('fs');
@@ -16,14 +16,14 @@ var path = require('path');
 const compileWebComponentsHTML = require('./ssr/runtime-ssr.cjs');
 // Enhanced error handling
-const { handleTemplateError, sendErrorResponse } = require('./MasterBackendErrorHandler');
-const { safeReadFile } = require('./MasterErrorMiddleware');
-const { logger } = require('./MasterErrorLogger');
+const { handleTemplateError, sendErrorResponse } = require('./error/MasterBackendErrorHandler');
+const { safeReadFile } = require('./error/MasterErrorMiddleware');
+const { logger } = require('./error/MasterErrorLogger');
 // Security - CSRF, validation, sanitization
-const { generateCSRFToken, validateCSRFToken } = require('./SecurityMiddleware');
-const { validator, validateRequestBody, sanitizeObject } = require('./MasterValidator');
-const { sanitizeUserHTML, escapeHTML } = require('./MasterSanitizer');
+const { generateCSRFToken, validateCSRFToken } = require('./security/SecurityMiddleware');
+const { validator, validateRequestBody, sanitizeObject } = require('./security/MasterValidator');
+const { sanitizeUserHTML, escapeHTML } = require('./security/MasterSanitizer');
 class MasterAction{

package/MasterControl.js CHANGED Viewed

@@ -1,5 +1,5 @@
 // MasterControl - by Alexander rich
-// version 1.0.248
+// version 1.0.252
 var url = require('url');
 var fileserver = require('fs');
@@ -12,13 +12,13 @@ var path = require('path');
 var globSearch = require("glob");
 // Enhanced error handling - setup global handlers
-const { setupGlobalErrorHandlers } = require('./MasterErrorMiddleware');
-const { logger } = require('./MasterErrorLogger');
+const { setupGlobalErrorHandlers } = require('./error/MasterErrorMiddleware');
+const { logger } = require('./error/MasterErrorLogger');
 // Security - Initialize security features
-const { security, securityHeaders } = require('./SecurityMiddleware');
-const { csp } = require('./CSPConfig');
-const { session } = require('./SessionSecurity');
+const { security, securityHeaders } = require('./security/SecurityMiddleware');
+const { csp } = require('./security/CSPConfig');
+const { session } = require('./security/SessionSecurity');
 // Initialize global error handling
 setupGlobalErrorHandlers();
@@ -192,24 +192,36 @@ class MasterControl {
     component(folderLocation, innerFolder){
-        var rootFolderLocation = path.join(this.root, folderLocation, innerFolder);
-        var files = globSearch.sync("**/*config.js", { cwd: rootFolderLocation, absolute: true });
-        if(files && files.length > 0){
-            require(files[0]);
+        // Enhanced: Support both relative (to master.root) and absolute paths
+        // If folderLocation is absolute, use it directly; otherwise join with master.root
+        var rootFolderLocation;
+        if (path.isAbsolute(folderLocation)) {
+            // Absolute path provided - use it directly
+            rootFolderLocation = path.join(folderLocation, innerFolder);
+        } else {
+            // Relative path - join with master.root (original behavior)
+            rootFolderLocation = path.join(this.root, folderLocation, innerFolder);
+        }
+        // Structure is always: {rootFolderLocation}/config/initializers/config.js
+        var configPath = path.join(rootFolderLocation, 'config', 'initializers', 'config.js');
+        if(fs.existsSync(configPath)){
+            require(configPath);
         }else{
-            this.error.log(`Cannot find config file under ${rootFolderLocation}`, "error");
+            this.error.log(`Cannot find config file at ${configPath}`, "error");
         }
-        var routeFiles = globSearch.sync("**/*routes.js", { cwd: rootFolderLocation, absolute: true });
-        var route = routeFiles && routeFiles.length > 0 ? routeFiles[0] : null;
+        // Structure is always: {rootFolderLocation}/config/routes.js
+        var routePath = path.join(rootFolderLocation, 'config', 'routes.js');
         var routeObject = {
-            isComponent : true,
+            isComponent : true,
             root : rootFolderLocation
         }
         this.router.setup(routeObject);
-        if(route){
-            require(route);
+        if(fs.existsSync(routePath)){
+            require(routePath);
         }else{
-            this.error.log(`Cannot find routes file under ${rootFolderLocation}`, "error");
+            this.error.log(`Cannot find routes file at ${routePath}`, "error");
         }
     }
@@ -248,6 +260,9 @@ class MasterControl {
             // before user config initializes them.
             try {
                 $that.addInternalTools([
+                    'MasterPipeline',
+                    'MasterTimeout',
+                    'MasterErrorRenderer',
                     'MasterAction',
                     'MasterActionFilters',
                     'MasterRouter',
@@ -264,6 +279,10 @@ class MasterControl {
             } catch (e) {
                 console.error('[MasterControl] Failed to load internal tools:', e && e.message);
             }
+            // Register core middleware that must run for framework to function
+            $that._registerCoreMiddleware();
             if(type === "http"){
                 $that.serverProtocol = "http";
                 return http.createServer(async function(req, res) {
@@ -420,120 +439,148 @@ class MasterControl {
         });
     }
-    async serverRun(req, res){
+    /**
+     * Register core middleware that must run for the framework to function
+     * This includes: static files, body parsing, scoped services, routing, error handling
+     */
+    _registerCoreMiddleware(){
         var $that = this;
-        console.log("path", `${req.method} ${req.url}`);
-          // Handle CORS preflight (OPTIONS) requests early and positively
-        if (req.method === 'OPTIONS') {
-            try {
-                if (this.cors && typeof this.cors.load === 'function') {
-                    if (!this.cors.options) {
-                        this.cors.init({
-                            origin: true,
-                            methods: ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'OPTIONS'],
-                            allowedHeaders: true,
-                            credentials: false,
-                            maxAge: 86400
-                        });
+        // 1. Static File Serving
+        $that.pipeline.use(async (ctx, next) => {
+            if (ctx.isStatic) {
+                // Serve static files
+                let pathname = `.${ctx.request.url}`;
+                fs.exists(pathname, function (exist) {
+                    if (!exist) {
+                        ctx.response.statusCode = 404;
+                        ctx.response.end(`File ${pathname} not found!`);
+                        return;
                     }
-                    this.cors.load({ request: req, response: res });
-                } else {
-                    res.setHeader('access-control-allow-origin', '*');
-                    res.setHeader('access-control-allow-methods', 'GET, POST, PUT, PATCH, DELETE, OPTIONS');
-                    if (req.headers['access-control-request-headers']) {
-                        res.setHeader('access-control-allow-headers', req.headers['access-control-request-headers']);
+                    if (fs.statSync(pathname).isDirectory()) {
+                        pathname += '/index' + path.parse(pathname).ext;
                     }
-                    res.setHeader('access-control-max-age', '86400');
-                }
-            } catch (e) {
-                res.setHeader('access-control-allow-origin', '*');
-                res.setHeader('access-control-allow-methods', 'GET, POST, PUT, PATCH, DELETE, OPTIONS');
-                if (req.headers['access-control-request-headers']) {
-                    res.setHeader('access-control-allow-headers', req.headers['access-control-request-headers']);
-                }
-                res.setHeader('access-control-max-age', '86400');
-            }
-            res.statusCode = 204;
-            res.setHeader('content-length', '0');
-            res.end();
-            return;
-        }
-        // Apply CORS headers to ALL non-OPTIONS requests
-        try {
-            if (this.cors && typeof this.cors.load === 'function') {
-                this.cors.load({ request: req, response: res });
-            }
-        } catch (e) {
-            console.warn('CORS load failed for non-OPTIONS request:', e.message);
-        }
+                    fs.readFile(pathname, function(err, data) {
+                        if (err) {
+                            ctx.response.statusCode = 500;
+                            ctx.response.end(`Error getting the file: ${err}.`);
+                        } else {
+                            const mimeType = $that.router.findMimeType(path.parse(pathname).ext);
+                            ctx.response.setHeader('Content-type', mimeType || 'text/plain');
+                            ctx.response.end(data);
+                        }
+                    });
+                });
-        // parse URL
-        const parsedUrl = url.parse(req.url);
-        // extract URL path
-        let pathname = `.${parsedUrl.pathname}`;
+                return; // Terminal - don't call next()
+            }
-        // based on the URL path, extract the file extension. e.g. .js, .doc, ...
-        const ext = path.parse(pathname).ext;
+            await next(); // Not static, continue pipeline
+        });
-        // handle simple preflight configuration - might need a complex approch for all scenarios
+        // 2. Timeout Tracking (optional - disabled by default until init)
+        // Will be configured by user in config.js with master.timeout.init()
+        // This is just a placeholder registration - actual timeout is set in user config
+        // 3. Request Body Parsing (always needed)
+        $that.pipeline.use(async (ctx, next) => {
+            // Parse body using MasterRequest
+            const params = await $that.request.getRequestParam(ctx.request, ctx.response);
-        // if extension exist then its a file.
-        if(ext === ""){
-          var requestObject = await this.middleware(req, res);
-          if(requestObject !== -1){
-            // HSTS header if enabled
-            if(this.serverProtocol === 'https' && this._hstsEnabled){
-                res.setHeader('strict-transport-security', `max-age=${this._hstsMaxAge}; includeSubDomains`);
+            // Merge parsed params into context
+            if (params && params.query) {
+                ctx.params.query = params.query;
             }
-            var loadedDone = false;
-            if (typeof $that._loadedFunc === 'function') {
-               loadedDone = $that._loadedFunc(requestObject);
-                if (loadedDone){
-                    require(`${this.root}/config/load`)(requestObject);
-                }
+            if (params && params.formData) {
+                ctx.params.formData = params.formData;
             }
-            else{
-                require(`${this.root}/config/load`)(requestObject);
+            await next();
+        });
+        // 4. Load Scoped Services (per request - always needed)
+        $that.pipeline.use(async (ctx, next) => {
+            for (var key in $that._scopedList) {
+                var className = $that._scopedList[key];
+                $that.requestList[key] = new className();
             }
-          }
-        }
-        else{
-            fs.exists(pathname, function (exist) {
-                if(!exist) {
-                  // if the file is not found, return 404
-                  res.statusCode = 404;
-                  res.end(`File ${pathname} not found!`);
-                  return;
-                }
-                // if is a directory search for index file matching the extension
-                if (fs.statSync(pathname).isDirectory()) pathname += '/index' + ext;
-                // read file from file system
-                fs.readFile(pathname, function(err, data){
-                  if(err){
-                    res.statusCode = 500;
-                    res.end(`Error getting the file: ${err}.`);
-                  } else {
-                    const mimeType = $that.router.findMimeType(ext);
-                    // if the file is found, set Content-type and send data
-                    res.setHeader('Content-type', mimeType || 'text/plain' );
-                    res.end(data);
-                  }
-                });
+            await next();
+        });
+        // 4. HSTS Header (if enabled for HTTPS)
+        $that.pipeline.use(async (ctx, next) => {
+            if ($that.serverProtocol === 'https' && $that._hstsEnabled) {
+                ctx.response.setHeader('Strict-Transport-Security', 'max-age=31536000; includeSubDomains');
+            }
+            await next();
+        });
+        // 5. Routing (TERMINAL - always needed)
+        $that.pipeline.run(async (ctx) => {
+            // Load config/load which triggers routing
+            require(`${$that.root}/config/load`)(ctx);
+        });
+        // 6. Global Error Handler
+        $that.pipeline.useError(async (error, ctx, next) => {
+            logger.error({
+                code: 'MC_ERR_PIPELINE',
+                message: 'Error in middleware pipeline',
+                error: error.message,
+                stack: error.stack,
+                path: ctx.request.url,
+                method: ctx.type
             });
+            if (!ctx.response.headersSent) {
+                ctx.response.statusCode = 500;
+                ctx.response.setHeader('Content-Type', 'application/json');
+                ctx.response.end(JSON.stringify({
+                    error: 'Internal Server Error',
+                    message: process.env.NODE_ENV === 'production'
+                        ? 'An error occurred'
+                        : error.message
+                }));
+            }
+        });
+    }
+    async serverRun(req, res){
+        var $that = this;
+        console.log("path", `${req.method} ${req.url}`);
+        // Create request context for middleware pipeline
+        const parsedUrl = url.parse(req.url);
+        const pathname = parsedUrl.pathname;
+        const ext = path.parse(pathname).ext;
+        const context = {
+            request: req,
+            response: res,
+            requrl: url.parse(req.url, true),
+            pathName: pathname.replace(/^\/|\/$/g, '').toLowerCase(),
+            type: req.method.toLowerCase(),
+            params: {},
+            state: {},       // User-defined state shared across middleware
+            master: $that,   // Access to framework instance
+            isStatic: ext !== '' // Is this a static file request?
+        };
+        // Execute middleware pipeline
+        try {
+            await $that.pipeline.execute(context);
+        } catch (error) {
+            console.error('Pipeline execution failed:', error);
+            if (!res.headersSent) {
+                res.statusCode = 500;
+                res.end('Internal Server Error');
+            }
         }
-    } // end server()
+    } // end serverRun()
     start(server){
         this.server = server;
@@ -541,16 +588,18 @@ class MasterControl {
     startMVC(foldername){
         var rootFolderLocation = path.join(this.root, foldername);
-        var files = globSearch.sync("**/*routes.js", { cwd: rootFolderLocation, absolute: true });
+        // Structure is always: {rootFolderLocation}/routes.js
+        var routePath = path.join(rootFolderLocation, 'routes.js');
         var route = {
-            isComponent : false,
+            isComponent : false,
             root : `${this.root}`
         }
         this.router.setup(route);
-        if(files && files.length > 0){
-            require(files[0]);
+        if(fs.existsSync(routePath)){
+            require(routePath);
         }else{
-            this.error.log(`Cannot find routes file under ${rootFolderLocation}`, "error");
+            this.error.log(`Cannot find routes file at ${routePath}`, "error");
         }
     }
@@ -558,8 +607,29 @@ class MasterControl {
     // builds and calls all the required tools to have master running completely
     addInternalTools(requiredList){
         if(requiredList.constructor === Array){
+            // Map module names to their new organized paths
+            const modulePathMap = {
+                'MasterPipeline': './MasterPipeline',
+                'MasterTimeout': './MasterTimeout',
+                'MasterErrorRenderer': './error/MasterErrorRenderer',
+                'MasterError': './error/MasterError',
+                'MasterAction': './MasterAction',
+                'MasterActionFilters': './MasterActionFilters',
+                'MasterRouter': './MasterRouter',
+                'MasterRequest': './MasterRequest',
+                'MasterCors': './MasterCors',
+                'MasterSession': './MasterSession',
+                'MasterSocket': './MasterSocket',
+                'MasterHtml': './MasterHtml',
+                'MasterTemplate': './MasterTemplate',
+                'MasterTools': './MasterTools',
+                'TemplateOverwrite': './TemplateOverwrite'
+            };
             for(var i = 0; i < requiredList.length; i++){
-                require('./' + requiredList[i]);
+                const moduleName = requiredList[i];
+                const modulePath = modulePathMap[moduleName] || './' + moduleName;
+                require(modulePath);
             }
         }
     }

package/MasterCors.js CHANGED Viewed

@@ -11,6 +11,13 @@ class MasterCors{
 		else{
 			master.error.log("cors options missing", "warn");
 		}
+		// Auto-register with pipeline if available
+		if (master.pipeline) {
+			master.pipeline.use(this.middleware());
+		}
+		return this; // Chainable
 	}
 	load(params){
@@ -167,6 +174,28 @@ class MasterCors{
 			}
 		}
 	}
+	/**
+	 * Get CORS middleware for the pipeline
+	 * Handles both preflight OPTIONS requests and regular requests
+	 */
+	middleware() {
+		var $that = this;
+		return async (ctx, next) => {
+			// Handle preflight OPTIONS request
+			if (ctx.type === 'options') {
+				$that.load({ request: ctx.request, response: ctx.response });
+				ctx.response.statusCode = 204;
+				ctx.response.end();
+				return; // Terminal - don't call next()
+			}
+			// Regular request - apply CORS headers
+			$that.load({ request: ctx.request, response: ctx.response });
+			await next();
+		};
+	}
 }
 master.extend("cors", MasterCors);

package/MasterHtml.js CHANGED Viewed

@@ -1,4 +1,4 @@
-// version 0.0.24
+// version 0.0.25
 var master = require('./MasterControl');
 var fs = require('fs');
@@ -8,12 +8,12 @@ var temp = new tempClass();
 var tools = new toolClass();
 // Enhanced error handling
-const { handleTemplateError } = require('./MasterBackendErrorHandler');
-const { safeReadFile, safeFileExists } = require('./MasterErrorMiddleware');
-const { logger } = require('./MasterErrorLogger');
+const { handleTemplateError } = require('./error/MasterBackendErrorHandler');
+const { safeReadFile, safeFileExists } = require('./error/MasterErrorMiddleware');
+const { logger } = require('./error/MasterErrorLogger');
 // Security - Sanitization
-const { sanitizeTemplateHTML, sanitizeUserHTML, escapeHTML } = require('./MasterSanitizer');
+const { sanitizeTemplateHTML, sanitizeUserHTML, escapeHTML } = require('./security/MasterSanitizer');
 class html {